mobileorder | 549ea085fbb23729ee000721938d95ea38ff2e70a63af1d4aa8db6b7b3458f6f | Triage

Sharing

General

Target

549ea085fbb23729ee000721938d95ea38ff2e70a63af1d4aa8db6b7b3458f6f
Size

673KB
Sample

240410-m4d7jsgd3v
MD5

9f52c80d44b879f82129008911837927
SHA1

be81a0e21bcd856ca82ac460070aa091311ca080
SHA256

549ea085fbb23729ee000721938d95ea38ff2e70a63af1d4aa8db6b7b3458f6f
SHA512

8795699573c865117096a19b9ff37e141674836e8119045175b9cedc59cff068b0b6db715814a5606c8cd33842402d25a4ee46a7e39f1d340ca8b231b0ff365b
SSDEEP

12288:m/zftLOwJIUKCxsCQRMgrdnTVzmpjjDJQkNzwtaXho0y6dZqW:m/hLOTKzQRrdT1APDJQkNnXhW6dF

Score

10^/10

mobileorder android evasion privilege_escalation stealth trojan

Malware Config

Extracted

Family

mobileorder

C2

islam.ansardawlatalislam.com

mobile.muslimbro.org

Targets

- Target
  
  549ea085fbb23729ee000721938d95ea38ff2e70a63af1d4aa8db6b7b3458f6f
- Size
  
  673KB
- MD5
  
  9f52c80d44b879f82129008911837927
- SHA1
  
  be81a0e21bcd856ca82ac460070aa091311ca080
- SHA256
  
  549ea085fbb23729ee000721938d95ea38ff2e70a63af1d4aa8db6b7b3458f6f
- SHA512
  
  8795699573c865117096a19b9ff37e141674836e8119045175b9cedc59cff068b0b6db715814a5606c8cd33842402d25a4ee46a7e39f1d340ca8b231b0ff365b
- SSDEEP
  
  12288:m/zftLOwJIUKCxsCQRMgrdnTVzmpjjDJQkNzwtaXho0y6dZqW:m/hLOTKzQRrdT1APDJQkNnXhW6dF
Score

8^/10

evasion privilege_escalation stealth trojan
- Removes its main activity from the application launcher
  stealth trojan evasion
- Tries to add a device administrator.
  privilege_escalation
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Device Administrator Permissions

Defense Evasion

Hide Artifacts

Suppress Application Icon

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionprivilege_escalationstealthtrojan

behavioral2

evasionstealthtrojan

behavioral3

evasionprivilege_escalationstealthtrojan